GDPR; individual, bespoke assistance for your Practice, Department or Organisation

Our years of experience leads us to urge any organisation that is offered 'template' policies or an 'IT solution' to exercise great caution about the risk they are not unlikely to be running.

Our legal sector auditing team has recorded more non-compliances than we can easily count due to organisations using template plans, policies and procedures!

Our approach is far more comprehensive and tailored to each organisation. Some organisations want all of the steps below, and some just ask for one or two;  you can adopt whichever you need.

Like everything else we do, this work is intended to be conducted on a fixed fee basis.


Phase 1: We conduct a fixed price gap analysis

(For organisations that already have structured plans, policies and procedures in place). We provide you with a detailed report, including details of what you need to do or consider to plug any gaps.

For most organisations (including most Lexcel accredited legal Practices and Departments) the report runs to between 17 and 23 pages.


Phase 2:  We visit your Head Office to map your data

Click here for step-by-step details.

In a nutshell, we meet with the relevant key people in your organisation to discuss and map as to how your organisation uses data and would like to use data.

Then,  back at our own offices, we draft the new plans, policies and procedures for you (or augment your existing ones).


Phase 3:  Training and support (if required)

The most common cause of data breaches is human error; it's one thing to rewrite the rulebook, but it's often something else entirely to actually implement it and affect changes in staff behaviour to meet it.

We provide training and support at all levels to help you to embed your new plans, policies and procedures with your staff.


GDPR prepared WEB shadow

Demonstrate that you have prepared

The organisations for whom we've conducted work up to the point of training are presented with our 'GDPR Prepared' mark.

There's no underestimating the importance of effective preparation for GDPR; this mark communicates to your staff, clients, suppliers and others that you have put in place processes intended to support best practice for data protection.

Having received the mark, you can choose to display it on your website, in email signatures, on business cards and stationery, in social media and elsewhere.

You will also receive a window sticker to show passers-by that you are protecting their data.

Read more about the mark, here.